CVE List - 2014 / November
Showing 301 - 400 of 501 CVEs for November 2014 (Page 4 of 6)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2014-4461 | 2014-11-18 | The kernel in Apple iOS before 8.1.1 and Apple TV... |
| CVE-2014-4462 | 2014-11-18 | WebKit, as used in Apple iOS before 8.1.1 and Apple... |
| CVE-2014-4463 | 2014-11-18 | Apple iOS before 8.1.1 allows physically proximate attackers to bypass... |
| CVE-2014-3613 | 2014-11-18 | cURL and libcurl before 7.38.0 does not properly handle IP... |
| CVE-2014-3620 | 2014-11-18 | cURL and libcurl before 7.38.0 allow remote attackers to bypass... |
| CVE-2014-7146 | 2014-11-18 | The XmlImportExport plugin in MantisBT 1.2.17 and earlier allows remote... |
| CVE-2014-7824 | 2014-11-18 | D-Bus 1.3.0 through 1.6.x before 1.6.26, 1.8.x before 1.8.10, and... |
| CVE-2014-8475 | 2014-11-18 | FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos... |
| CVE-2014-8598 | 2014-11-18 | The XML Import/Export plugin in MantisBT 1.2.x does not restrict... |
| CVE-2014-4817 | 2014-11-18 | The server in IBM Tivoli Storage Manager (TSM) 5.x and... |
| CVE-2014-7829 | 2014-11-18 | Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/static.rb in Action Pack in Ruby... |
| CVE-2014-7996 | 2014-11-18 | Cross-site request forgery (CSRF) vulnerability in the web framework in... |
| CVE-2014-6324 | 2014-11-18 | The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server... |
| CVE-2014-7899 | 2014-11-19 | Google Chrome before 38.0.2125.101 allows remote attackers to spoof the... |
| CVE-2014-7900 | 2014-11-19 | Use-after-free vulnerability in the CPDF_Parser::IsLinearizedFile function in fpdfapi/fpdf_parser/fpdf_parser_parser.cpp in PDFium,... |
| CVE-2014-7901 | 2014-11-19 | Integer overflow in the opj_t2_read_packet_data function in fxcodec/fx_libopenjpeg/libopenjpeg20/t2.c in OpenJPEG... |
| CVE-2014-7902 | 2014-11-19 | Use-after-free vulnerability in PDFium, as used in Google Chrome before... |
| CVE-2014-7903 | 2014-11-19 | Buffer overflow in OpenJPEG before r2911 in PDFium, as used... |
| CVE-2014-7904 | 2014-11-19 | Buffer overflow in Skia, as used in Google Chrome before... |
| CVE-2014-7905 | 2014-11-19 | Google Chrome before 39.0.2171.65 on Android does not prevent navigation... |
| CVE-2014-7906 | 2014-11-19 | Use-after-free vulnerability in the Pepper plugins in Google Chrome before... |
| CVE-2014-7907 | 2014-11-19 | Multiple use-after-free vulnerabilities in modules/screen_orientation/ScreenOrientationController.cpp in Blink, as used in... |
| CVE-2014-7908 | 2014-11-19 | Multiple integer overflows in the CheckMov function in media/base/container_names.cc in... |
| CVE-2014-7909 | 2014-11-19 | effects/SkDashPathEffect.cpp in Skia, as used in Google Chrome before 39.0.2171.65,... |
| CVE-2014-7910 | 2014-11-19 | Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers... |
| CVE-2014-7290 | 2014-11-19 | Multiple cross-site scripting (XSS) vulnerabilities in Atlas Systems Aeon 3.5... |
| CVE-2014-8629 | 2014-11-19 | Cross-site scripting (XSS) vulnerability in the Page visualization agents in... |
| CVE-2014-5342 | 2014-11-19 | Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows... |
| CVE-2014-6621 | 2014-11-19 | Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does... |
| CVE-2014-6622 | 2014-11-19 | Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows... |
| CVE-2014-6624 | 2014-11-19 | The Insight module in Aruba Networks ClearPass before 6.3.6 and... |
| CVE-2014-6625 | 2014-11-19 | The Policy Manager in Aruba Networks ClearPass before 6.3.6 and... |
| CVE-2014-6626 | 2014-11-19 | Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 does... |
| CVE-2014-6627 | 2014-11-19 | Aruba Networks ClearPass before 6.3.5 and 6.4.x before 6.4.1 allows... |
| CVE-2014-7828 | 2014-11-19 | FreeIPA 4.0.x before 4.0.5 and 4.1.x before 4.1.1, when 2FA... |
| CVE-2014-8594 | 2014-11-19 | The do_mmu_update function in arch/x86/mm.c in Xen 4.x through 4.4.x... |
| CVE-2014-8595 | 2014-11-19 | arch/x86/x86_emulate/x86_emulate.c in Xen 3.2.1 through 4.4.x does not properly check... |
| CVE-2014-2382 | 2014-11-20 | The DfDiskLo.sys driver in Faronics Deep Freeze Standard and Enterprise... |
| CVE-2014-8387 | 2014-11-20 | cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows... |
| CVE-2014-8995 | 2014-11-20 | SQL injection vulnerability in Maarch LetterBox 2.8 allows remote attackers... |
| CVE-2014-8996 | 2014-11-20 | Multiple cross-site scripting (XSS) vulnerabilities in Nibbleblog before 4.0.2 allow... |
| CVE-2014-8997 | 2014-11-20 | Unrestricted file upload vulnerability in the Photo functionality in DigitalVidhya... |
| CVE-2014-8998 | 2014-11-20 | lib/message.php in X7 Chat 2.0.0 through 2.0.5.1 allows remote authenticated... |
| CVE-2014-9002 | 2014-11-20 | Lantronix xPrintServer does not properly restrict access to ips/, which... |
| CVE-2014-9003 | 2014-11-20 | Cross-site request forgery (CSRF) vulnerability in Lantronix xPrintServer allows remote... |
| CVE-2014-9004 | 2014-11-20 | Cross-site scripting (XSS) vulnerability in vldPersonals before 2.7.1 allows remote... |
| CVE-2014-9005 | 2014-11-20 | Multiple SQL injection vulnerabilities in vldPersonals before 2.7.1 allow remote... |
| CVE-2014-9006 | 2014-11-20 | Monstra 3.0.1 and earlier uses a cookie to track how... |
| CVE-2014-8999 | 2014-11-20 | SQL injection vulnerability in htdocs/modules/system/admin.php in XOOPS before 2.5.7 Final... |
| CVE-2014-9000 | 2014-11-20 | Mule Enterprise Management Console (MMC) does not properly restrict access... |
| CVE-2014-9001 | 2014-11-20 | reminders/index.php in Incredible PBX 11 2.0.6.5.0 allows remote authenticated users... |
| CVE-2014-3625 | 2014-11-20 | Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x... |
| CVE-2014-8493 | 2014-11-20 | ZTE ZXHN H108L with firmware 4.0.0d_ZRQ_GR4 allows remote attackers to... |
| CVE-2014-8767 | 2014-11-20 | Integer underflow in the olsr_print function in tcpdump 3.9.6 through... |
| CVE-2014-8768 | 2014-11-20 | Multiple Integer underflows in the geonet_print function in tcpdump 4.5.0... |
| CVE-2014-8769 | 2014-11-20 | tcpdump 3.8 through 4.6.2 might allow remote attackers to obtain... |
| CVE-2014-9019 | 2014-11-20 | Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ZXDSL 831CII... |
| CVE-2014-9020 | 2014-11-20 | Cross-site scripting (XSS) vulnerability in the Quick Stats page (psilan.cgi)... |
| CVE-2014-9021 | 2014-11-20 | Multiple cross-site scripting (XSS) vulnerabilities in ZTE ZXDSL 831 allow... |
| CVE-2014-9023 | 2014-11-20 | The Twilio module 7.x-1.x before 7.x-1.9 for Drupal does not... |
| CVE-2014-9027 | 2014-11-20 | Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ZXDSL 831CII... |
| CVE-2014-9022 | 2014-11-20 | The Webform Component Roles module 6.x-1.x before 6.x-1.8 and 7.x-1.x... |
| CVE-2014-9024 | 2014-11-20 | The Protected Pages module 7.x-2.x before 7.x-2.4 for Drupal allows... |
| CVE-2014-9025 | 2014-11-20 | The default checkout completion rule in the commerce_order module in... |
| CVE-2014-9026 | 2014-11-20 | The Ubercart module 7.x-3.x before 7.x-3.7 for Drupal does not... |
| CVE-2014-7194 | 2014-11-21 | TIBCO Managed File Transfer Internet Server before 7.2.4, Managed File... |
| CVE-2014-7195 | 2014-11-21 | Spotfire Web Player Engine in TIBCO Spotfire Web Player 6.0.x... |
| CVE-2014-8000 | 2014-11-21 | Cisco Unified Communications Manager IM and Presence Service 9.1(1) produces... |
| CVE-2014-8388 | 2014-11-21 | Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before... |
| CVE-2014-5395 | 2014-11-21 | Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276... |
| CVE-2014-7137 | 2014-11-21 | Multiple SQL injection vulnerabilities in Dolibarr ERP/CRM before 3.6.1 allow... |
| CVE-2014-7871 | 2014-11-21 | SQL injection vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev36 and... |
| CVE-2014-8090 | 2014-11-21 | The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551,... |
| CVE-2014-8469 | 2014-11-21 | Cross-site scripting (XSS) vulnerability in Guests/Boots in AdminCP in Moxi9... |
| CVE-2014-8539 | 2014-11-21 | Cross-site scripting (XSS) vulnerability in Simple Email Form 1.8.5 and... |
| CVE-2014-8681 | 2014-11-21 | SQL injection vulnerability in the GetIssues function in models/issue.go in... |
| CVE-2014-8682 | 2014-11-21 | Multiple SQL injection vulnerabilities in Gogs (aka Go Git Service)... |
| CVE-2014-8683 | 2014-11-21 | Cross-site scripting (XSS) vulnerability in models/issue.go in Gogs (aka Go... |
| CVE-2014-4807 | 2014-11-23 | Sterling Order Management in IBM Sterling Selling and Fulfillment Suite... |
| CVE-2014-6183 | 2014-11-23 | IBM Security Network Protection 5.1 before 5.1.0.0 FP13, 5.1.1 before... |
| CVE-2014-8626 | 2014-11-23 | Stack-based buffer overflow in the date_from_ISO8601 function in ext/xmlrpc/libxmlrpc/xmlrpc.c in... |
| CVE-2014-8710 | 2014-11-23 | The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector... |
| CVE-2014-8711 | 2014-11-23 | Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in... |
| CVE-2014-8712 | 2014-11-23 | The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in... |
| CVE-2014-8713 | 2014-11-23 | Stack-based buffer overflow in the build_expert_data function in epan/dissectors/packet-ncp2222.inc in... |
| CVE-2014-8714 | 2014-11-23 | The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in... |
| CVE-2014-6477 | 2014-11-23 | Unspecified vulnerability in the JPublisher component in Oracle Database Server... |
| CVE-2010-5312 | 2014-11-24 | Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget... |
| CVE-2014-5314 | 2014-11-24 | Buffer overflow in Cybozu Office 9 and 10 before 10.1.0,... |
| CVE-2014-5325 | 2014-11-24 | The (1) DOMConverter, (2) JDOMConverter, (3) DOM4JConverter, and (4) XOMConverter... |
| CVE-2014-5326 | 2014-11-24 | Cross-site scripting (XSS) vulnerability in Direct Web Remoting (DWR) through... |
| CVE-2014-7830 | 2014-11-24 | Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php in the Feedback module... |
| CVE-2014-7831 | 2014-11-24 | lib/classes/grades_external.php in Moodle 2.7.x before 2.7.3 does not consider the... |
| CVE-2014-7832 | 2014-11-24 | mod/lti/launch.php in the LTI module in Moodle through 2.4.11, 2.5.x... |
| CVE-2014-7833 | 2014-11-24 | mod/data/edit.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before... |
| CVE-2014-7834 | 2014-11-24 | mod/forum/externallib.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3... |
| CVE-2014-7835 | 2014-11-24 | webservice/upload.php in Moodle 2.6.x before 2.6.6 and 2.7.x before 2.7.3... |
| CVE-2014-7836 | 2014-11-24 | Multiple cross-site request forgery (CSRF) vulnerabilities in the LTI module... |
| CVE-2014-7837 | 2014-11-24 | mod/wiki/admin.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before... |
| CVE-2014-7838 | 2014-11-24 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Forum module... |